Job Description

Overview: As Cyber Security Specialist, you will work within the Security Operation Center in evaluating risks, conduct log analysis and act upon security threats across a complex and disperse IT estate. You will carry out threat analysis and handling process to ensure the efficient and timely mitigation of security threats, as well as understanding the threats\xe2\x80\x99 risks and potential business impacts of both threats and mitigation measures. By leveraging the SIEM and the current security toolset, you are expected to investigate security issues and conduct root analysis, as well as resolving or escalating security incidents.
The world is changing. Are you ready to define with future of travel with us?
What you will do

• Conduct comprehensive investigation on a wide variety of security events, recommend and implement remediation processes.

• Hunt for potential internal and external threats and developing detection mechanisms and reports.

• Perform and review threat detection use cases and fine tuning

• Work actively on evolving our threats detection and team efficiency by acting on noise and false positive.

• Handle security incidents in line with the incident response process

• Work with resolver groups to evaluate and recommend new security practices and solutions.

• Provide security advices and promoting security awareness to other IT teams and clients.

• Involve in the production of threat intelligence and IOC by leveraging threats information from past incidents, sandboxes reports, malware reversing and data forensic.

• Mentor and train L1 security engineers

• Identify improvement areas in processes and/or tools to ensure highest level of quality

• Produce security incidents reports and recommendations.

Qualifications: Who you are

• Significant experience of working within a mature SOC organization or as a security threat analyst in an equivalent security environment.

• Experience in using SIEM technologies, endpoint protection response, IDS and other security technologies.

• High level of analytical and problem-solving skills.

• Good understanding of system, and application logs from a variety of platforms, from firewall, domain controllers to IDS, etc.

• Technical expertise in multiple security technologies would be an advantage including security incident handling experience.

• Good knowledge of threat intelligence data, IoC, threat actors, kill chain, etc.

• Having experience in the penetration testing/ethical hacking field is a plus.

• Functional skills with regex, IDS signature, SPL and SQL is a plus.

• Skills in network analysis, sandboxing, malware reversing or forensic is an asset.

• Strong knowledge of vulnerabilities, CVE, 0day and their potential impacts.

• Keeping aware and continually informed of the worldwide security landscape: new threats, actors, du jour attack, as well as the new security technologies and products.

• Ability to comprehend the priority on enabling the business, while working on security incidents mitigation/containment and possible impacts on the production environment.

• Strong customer/client focus, interact with a variety of stakeholders in a well-mannered, positive, and professional way, and building long-term relationships.

• Strong written/verbal communication skills.

• Ability to effectively prioritize and execute tasks in a high-pressure environment.

• Experience with IT compliance assessments (ISO 27000 etc.).

• Certified Information Systems Auditor

• Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED) or other relevant GIAC certifications.

What we offer SITA\xe2\x80\x99s workplace is all about diversity: many different countries and cultures are represented in our workforce, and colleagues who\xe2\x80\x99ve been working here for decades collaborate with those just out of college and early in their careers. SITA is a place of change and constant improvement, where we\'re always pushing ourselves to find better ways of doing things: smarter, quicker, easier, for us and our customers and for their customers too. And we offer all the good stuff you\xe2\x80\x99d expect like holidays, bonus, flexible benefits, medical policy, pension plan and access to world class learning.
Welcome to SITA SITA is the world\xe2\x80\x99s leading specialist in air transport communications and information technology. We don\xe2\x80\x99t just connect the global aviation industry. We apply decades of experience and expertise to address almost every core business, operational, baggage, and passenger process in air transport. We design, build, and support technology solutions all with one vision to create easy air travel every step of the way. As an organization, we cover 95% of all international air travel destinations and work with over 2,800 air transport and government customers in every corner of the globe. Are you ready to explore the opportunities?
Keywords: SOC Engineer, Security Analyst, Security Engineer, Cyber Security, Security Operations Centre, Information Security In case of issues with uploading your CV or accessing the application system, please contact us @ careers@sita.aero